SHA-2 support in Microsoft Windows for installing Kaspersky business solutions
This article concerns:
- Kaspersky Security 11.0.1 for Windows Server (version 11.0.1.897)
- Kaspersky Endpoint Agent 3.10 MR3 and later
- Kaspersky Industrial CyberSecurity for Nodes 3.0 and later
- Kaspersky Embedded Systems Security 3.1 and later
Microsoft stops the support of root certificates that allow signing the code of the drivers that works on the operating system kernel level. Now drivers are signed with the WHQL (Windows Hardware Quality Lab) signature which is based on the SHA-2 (SHA-256) algorithm. Verification of such a signature requires SHA-2 support in the operating system.
Before installing a Kaspersky business solution on a protected device with an operating system from the list below, please make sure that the system has updates that bring SHA-2 support. If SHA-2 is not supported, installation will be interrupted. You can install the required updates for SHA-2 support and reinstall the application.
The table below contains a list of supported Microsoft Windows OS versions that require updates for SHA-2 support:
This table does not include the operating system updates with SHA-2 support that were published after the release of Kaspersky business solutions mentioned in this article.